Vulnerabilities > Redhat > Single Sign ON > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-14 | CVE-2023-1108 | Infinite Loop vulnerability in multiple products A flaw was found in undertow. | 7.5 |
2023-02-23 | CVE-2022-4492 | Unspecified vulnerability in Redhat products The undertow client is not checking the server identity presented by the server certificate in https connections. | 7.5 |
2022-09-13 | CVE-2022-1278 | Insecure Default Initialization of Resource vulnerability in Redhat products A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. | 7.5 |
2022-08-31 | CVE-2022-1259 | A flaw was found in Undertow. | 7.5 |
2022-08-31 | CVE-2022-1319 | A flaw was found in Undertow. | 7.5 |
2022-08-26 | CVE-2022-0084 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat products A flaw was found in XNIO, specifically in the notifyReadClosed method. | 7.5 |
2022-08-26 | CVE-2021-3632 | Improper Authentication vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in Keycloak. | 7.5 |
2022-08-26 | CVE-2021-3859 | A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. | 7.5 |
2022-08-23 | CVE-2021-3690 | Memory Leak vulnerability in Redhat products A flaw was found in Undertow. | 7.5 |
2022-08-05 | CVE-2022-2668 | Unspecified vulnerability in Redhat Keycloak and Single Sign-On An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled | 7.2 |